After the arrest of Pavel Durov, I wanted to move from Telegram to something end-to-end encrypted. I know Signal is pretty good, but I think it is better to have our messages on my own server.

I have already looked into XMPP, but it required SSL certs and I was not in the mood to configure them.

Do you know any other selfhosted messaging service for a group of 4-5 friends, or an easy way to configure an XMPP server? Or shall I use Signal after all (I don’t really care that much about being selfhosted, I just thought it would be more privacy friendly)?

  • wildbus8979@sh.itjust.works
    ↑ 22 · 22 hours ago

    SSL certs are so easy with Let’s Encrypt, that really shouldn’t be a blocker.

    If you want something easy I think you have your answer with Signal.

    • VitabytesDevOP
      ↑ 1 · 6 hours ago

      I know, but for some reason my router does not let me access my domain (with duckdns) when connected to my network. So even if I get certs for the domain, I will not be able to access it. I have set up local DNS entries (with Pi-Hole) to point to my server, but I don’t know if it is possible to get certs for that, since it is not a real domain.

      • qjkxbmwvz@startrek.website
        ↑ 3 · 5 hours ago

        > I have set up local DNS entries (with Pi-Hole) to point to my server, but I don’t know if it is possible to get certs for that, since it is not a real domain.

        So long as your certs are for your fully qualified domain there’s no problem. I do this, as do many people — mydoman.com is fully qualified, but on my own network I override the DNS to the local address. Not a problem at all — DNS is tied to the hostname, not the IP.

        • sugar_in_your_tea@sh.itjust.works
          ↑ 2 · 2 hours ago

          Can confirm, I do this as well for my local services (especially important for Jellyfin), I just point my local DNS server at my local IP and everything works perfectly.

          • qjkxbmwvz@startrek.website
            ↑ 1 · 39 minutes ago

            Another fun trick you can play is to use a private IP on your public DNS records. This is useful for Jellyfin on Chromecast for instance — it uses 8.8.8.8 for DNS lookup (and ignores your router settings), so it wants a fully qualified domain name. But it has no problem accessing local hosts, so long as it’s from 8.8.8.8’s record.

            • sugar_in_your_tea@sh.itjust.works
              ↑ 1 · 22 minutes ago

              I suppose, but then you’re kind of screwed if you want to access Jellyfin outside of your network. I suppose you could use a VPN, but it’s probably easier to just not use the Chromecast (or just accept that it’s going to hit the WAN regardless).

      • node815@lemmy.world
        ↑ 1 · 5 hours ago

        Why not use a different DDNS service? There are plenty out there. :) I think this may solve your issue. I’ve been using freemyip.com’s for a while and have had no problem in the past issuing LetsEncrypt SSL’s. At the moment, I’m on Cloudflare tunnels so it’s automatic with them, which I know is a huge trust issue for a lot of people, but I don’t mind it for my stuff. But I do like to have my DDNS as a backup service from time to time.
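Added example, not part of any commenter's post: the replies above about overriding DNS on the local network rest on certificate validation checking the name the client asked for, not the address that name resolves to. The script below shows this with a throwaway self-signed certificate; the hostname and LAN address are constructed placeholders, and it assumes OpenSSL 1.1.1 or newer (for `-addext`).

```shell
#!/bin/sh
# Constructed values for illustration (assumptions, not taken from the thread).
HOST="chat.example.duckdns.org"   # public FQDN the certificate is issued for
LAN_IP="192.168.1.10"             # address the local DNS override would return

# make_cert DIR: write a throwaway self-signed cert whose only SAN is $HOST.
make_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$HOST" -addext "subjectAltName=DNS:$HOST" \
        -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null
}

# cert_matches_host CERT NAME: succeed only if NAME is covered by the cert.
# openssl prints "does match" or "does NOT match"; only the former is accepted.
cert_matches_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" | grep -q "does match"
}

# cert_matches_ip CERT ADDR: succeed only if the cert carries ADDR as an IP SAN.
cert_matches_ip() {
    openssl x509 -in "$1" -noout -checkip "$2" | grep -q "does match"
}

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
make_cert "$WORK"

# A client that connects to $HOST validates against the name, so the cert is
# accepted whether DNS answered with the public address or with $LAN_IP.
for name in "$HOST" "other.example.org"; do
    if cert_matches_host "$WORK/cert.pem" "$name"; then
        echo "name $name: accepted"
    else
        echo "name $name: rejected"
    fi
done

# Connecting by bare IP is what fails: the cert contains no IP SAN.
if cert_matches_ip "$WORK/cert.pem" "$LAN_IP"; then
    echo "ip $LAN_IP: accepted"
else
    echo "ip $LAN_IP: rejected"
fi
```

Clients on the LAN therefore need to keep using the full hostname; browsing to the raw LAN address produces a certificate name mismatch.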